package com.example.docmanagement.controller;

import com.example.docmanagement.dto.request.*;
import com.example.docmanagement.dto.response.ApiResponse;
import com.example.docmanagement.dto.response.PageResponse;
import com.example.docmanagement.dto.response.UserResponse;
import com.example.docmanagement.service.UserAdminService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import lombok.RequiredArgsConstructor;
import org.springdoc.core.annotations.ParameterObject;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.UUID;

/**
 * 管理后台 - 用户管理接口
 */
@RestController
@RequestMapping("/api/v1/admin/users")
@RequiredArgsConstructor
@Tag(name = "用户管理", description = "管理后台用户管理接口")
public class AdminUserController {

    private final UserAdminService userAdminService;

    @GetMapping
    @Operation(summary = "用户分页查询", description = "根据多种条件分页查询用户列表")
    @PreAuthorize("hasAuthority('user:read') or hasRole('ADMIN')")
    public ApiResponse<PageResponse<UserResponse>> listUsers(@ParameterObject @Valid UserQueryRequest request) {
        return ApiResponse.success(userAdminService.searchUsers(request));
    }

    @GetMapping("/{id}")
    @Operation(summary = "获取用户详情", description = "根据用户ID获取详细信息")
    @PreAuthorize("hasAuthority('user:view') or hasRole('ADMIN')")
    public ApiResponse<UserResponse> getUser(
            @Parameter(description = "用户ID", required = true, example = "550e8400-e29b-41d4-a716-446655440000")
            @PathVariable UUID id) {
        return ApiResponse.success(userAdminService.getUser(id));
    }

    @PostMapping
    @Operation(summary = "创建用户", description = "管理员创建新用户")
    @PreAuthorize("hasAuthority('user:create') or hasRole('ADMIN')")
    public ApiResponse<UserResponse> createUser(@Valid @RequestBody UserCreateRequest request) {
        return ApiResponse.success(userAdminService.createUser(request), "用户创建成功");
    }

    @PutMapping("/{id}")
    @Operation(summary = "更新用户", description = "更新用户基本信息、角色等")
    @PreAuthorize("hasAuthority('user:update') or hasRole('ADMIN')")
    public ApiResponse<UserResponse> updateUser(
            @Parameter(description = "用户ID", required = true, example = "550e8400-e29b-41d4-a716-446655440000")
            @PathVariable UUID id,
                                                @Valid @RequestBody UserUpdateRequest request) {
        return ApiResponse.success(userAdminService.updateUser(id, request), "用户更新成功");
    }

    @PostMapping("/{id}/reset-password")
    @Operation(summary = "重置密码", description = "管理员重置用户密码")
    @PreAuthorize("hasAuthority('user:reset-password') or hasRole('ADMIN')")
    public ApiResponse<Void> resetPassword(
            @Parameter(description = "用户ID", required = true, example = "550e8400-e29b-41d4-a716-446655440000")
            @PathVariable UUID id,
                                           @Valid @RequestBody ResetPasswordRequest request) {
        userAdminService.resetPassword(id, request);
        return ApiResponse.success(null, "密码重置成功");
    }

    @PatchMapping("/{id}/status")
    @Operation(summary = "更新用户状态", description = "启用、禁用或封禁用户")
    @PreAuthorize("hasAuthority('user:disable') or hasRole('ADMIN')")
    public ApiResponse<UserResponse> updateStatus(
            @Parameter(description = "用户ID", required = true, example = "550e8400-e29b-41d4-a716-446655440000")
            @PathVariable UUID id,
                                                  @Valid @RequestBody UpdateUserStatusRequest request) {
        return ApiResponse.success(userAdminService.updateStatus(id, request), "状态更新成功");
    }

    @PutMapping("/{id}/role")
    @Operation(summary = "分配角色", description = "给用户分配新的角色")
    @PreAuthorize("hasAuthority('user:assign-role') or hasRole('ADMIN')")
    public ApiResponse<UserResponse> assignRole(
            @Parameter(description = "用户ID", required = true, example = "550e8400-e29b-41d4-a716-446655440000")
            @PathVariable UUID id,
                                                @Valid @RequestBody AssignUserRoleRequest request) {
        return ApiResponse.success(userAdminService.assignRole(id, request), "角色分配成功");
    }

    @DeleteMapping("/{id}")
    @Operation(summary = "删除用户", description = "软删除用户账号")
    @PreAuthorize("hasAuthority('user:delete') or hasRole('ADMIN')")
    public ApiResponse<Void> deleteUser(
            @Parameter(description = "用户ID", required = true, example = "550e8400-e29b-41d4-a716-446655440000")
            @PathVariable UUID id) {
        userAdminService.softDelete(id);
        return ApiResponse.success(null, "用户已删除");
    }
}


